<?php
define('_file_','a_permission_touser_process');
if ( !isGod() )
	if ( !getRights($mod,'full') )
		if ( !News_getAccessFile(_file_) )
		{
			showMsg('Không có quyền truy cập vào trang này này !','ex','center');
			die();
		}

$totalRecord = getVar('hidTotalRecord',true,true);
$un = getVar('hun',false,true);

$sql = "DELETE FROM um_user_access_mod_files WHERE username='$un'";
$link->execute($sql);

for ( $i=0 ; $i < $totalRecord ; $i++ )
{
	$fid = (!get_magic_quotes_gpc()) ? addslashes(@$_POST['chk_' . $i]) : @$_POST['chk_' . $i];

	if ( $fid != '' )
	{
		//$sql = "DELETE FROM gbook WHERE autoid=" . $autoid;
		$sql = "INSERT INTO um_user_access_mod_files VALUES('$un',$fid)";
		$link->execute($sql);
	}
}

header("Location: admin.php?mod=$mod&act=a_list_user");
?>